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Why Docker? 


= 
docker 


Build, Ship, Run, Any App Anywhere 


From Dev To Ops 


Za 


Any OS 


Anywhere 


Physical Virtual 


BUILD 
DEVELOPER WORKFLOWS 


Docker allows you to compose your 
application from microservices, 
without worrying about 
inconsistencies between 
development and production 
environments, and without locking 
into any platform or language. 
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SHIP 


REGISTRY SERVICES 


Docker lets you design the entire 


cycle of application development, 


testing and distribution, and 
manage it with a consistent user 
interface. 


DOCKER ENGINE 


INFRASTRUCTURE 


RUN 


MANAGEMENT 


Docker offers you the ability to 
deploy scalable services, securely 
and reliably, on a wide variety of 
platforms. 
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Whatis Docker? 


Docker is an open-source project that automates the deployment of 
applications inside software containers. 
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What is Docker? 


”an open platform for developers and sysadmins to build, ship, and run 


distributed applications” 


docker 
D Build Ship Run 
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What is Docker? 


Docker 


EH docker 


Original author(s) Solomon Hykes 


Developer(s) Docker, Inc. 

Initial release 13 March 2013; 3 years 
ago 

Stable release 1.11.2] /31 May 2016; 36 
days ago 

Written in Gol? 


Operating system Linux_] 


Platform x86-64 with modern Linux 
kernel 

Type Operating-system-level 
virtualization 

License Apache License 2.0 

Website www.docker.com zd 


Source: https: / |en.wikipedia.org / wiki/ Docker (software) 
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Pop quiz 


Docker is written in: 


A 


B 
Es 
D 


Java language 
C language 
D language 


Go language 
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Pop quiz: answer 


Docker is written in 
Go language 


Good read: Why Did We Decide to Write Docker in Go? 
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VMs vs. Docker 


= Codełps o. 


VMs vs. Docker 


Virtual Machines Containers 


Server Server 
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VMs vs. containers 


Simulates a physical machine 
Provides a local file system 
Can be accessed over a network 
Full and independent guest operating system 
Virtualized device drivers 
Strong resource and memory management 
Huge memory foot-print 


Needs a hypervisor 
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Docker accesses virtualisation features of Linux 


FT 


| Docker 
| | | 
| | | 
Linux 


cgroups namespaces netlink 


selinux netfilter 


capabilities apparmor 


3 
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Native Docker support on Windows 


Source: https: / /12.wp.com /blog.docker.com/wp-content/uploads/windows.png?w=975&ssl=1 


www.docker.com/microsoft 
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Docker for DevOps 


Integration Tests Deployment 
Platforms 


dope Hub «amazon 


Då dr Gİ rockspace 


HOSTING 


Ny 


Revision a 
| 
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Docker becoming popular over time 


Interest over time © : 


Oct 9, 2011 Apr 7, 2013 Oct 5, 2014 Apr 3, 2016 


Google Trends: https: / / www.google.co.uk / trends /explore?q=%2Fm%2F0wkcjgj&hl=en-US 
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Essential Docker components 
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Installing Docker 


Install it from “https://www.docker.com/products/overview" 


INSTALL THE PLATFORM 


Install Docker with easy to use installers for the major desktop and cloud 


MAC 


A native Mac application with a user 
interface and auto-update capabilities, 
that is deeply integrated with OS X 
native virtualization. 


AWS 


Quickly deploy, scale, and manage 
Docker on AWS. Docker for AWS takes 
optimal advantage of the underlying 
infrastructure, while providing a modern 
Docker platform that can be used to 
deploy portable apps. 


Learn More 


platforms. 


WINDOWS 


A native Windows application with a 
user interface and auto-update 
capabilities, that is deeply integrated 
with Windows native virtualization. 


AZURE 


Quickly deploy, scale and manage 
Docker on Azure. Docker for Azure takes 
optimal advantage of the underlying 
infrastructure, while providing a modern 
Docker platform that can be used to 
deploy portable apps. 


LINUX 


Install Docker on nodes which have a 
Linux distribution already installed. 


OTHERS 


For platforms without a Docker installer, 
easily setup Docker using Docker 
Machine. 


NGINX 
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Official Docker images? 


nginx 
official 


busybox 
official 


ubuntu 
official 


redis 
officia 


registry 
officia! 


swarm 
official 


mongo 
official 


From “https://hub.docker.com/explore/" 


3.5K 
STARS 


737 
STARS 


4.3K 
STARS 


2.4K 
STARS 


950 
STARS 


410 
STARS 


2.1K 
STARS 


10M+ 
PULLS 


10M+ 
PULLS 


10M+ 
PULLS 


10M+ 
PULLS 


10M+ 
PULLS 


10M+ 
PULLS 


10M+ 
PULLS 
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Finding Docker version 


0090 == mydocker — -bash — 47x19 

$ docker version 
Client: 

Version: 1.12.0-rc4 

API version: 1.24 

Go version: 901.6.2 

Git commit: e4a0dbc 

Built: Wed Jul 13 03:28:51 2016 
0S/Arch: darwin/amd64 
Experimental: true 
Server: 

Version: 1.12.0-rc4 

API version: 1.24 

Go version: 901.6.2 

Git commit: e4a0dbc 

Built: Wed Jul 13 03:28:51 2016 
OS/Arch: Linux/amd64 


Experimental: true 


$i 
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How to find my Docker version? 


$ docker -v 
Docker version 1.12.0-rc4, build e4aOdbc, experimental 


Codettps 


Finding details of a Docker installation 


000 M mydocker — -bash — 79x42 


$ docker info 
Containers: 36 
Running: @ 
Paused: @ 
Stopped: 36 
Images: 44 
Server Version: 1.12.Ø-rc4 
Storage Driver: aufs 
Root Dir: /var/lib/docker/aufs 
Backing Filesystem: extfs 
Dirs: 142 
Dirperm1 Supported: true 
Logging Driver: json-file 
Cgroup Driver: cgroupfs 
Plugins: 
Volume: local 
Network: host bridge null overlay 
Swarm: inactive 
Runtimes: runc 
Default Runtime: runc 
Security Options: seccomp 
Kernel Version: 4.4.15-moby 
Operating System: Alpine Linux v3.4 
OSType: linux 
Architecture: x86_64 
CPUs: 2 
Total Memory: 1.954 GiB 
Name: moby 
ID: BJ3B:7ZHJ:BDQ2:X7BQ: 3KBZ: XQI5: ID7C: VIFW: 755U: OSTC: ZX2B: JNX6 
Docker Root Dir: /var/lib/docker 
Debug Mode (client): false 
Debug Mode (server): true 
File Descriptors: 18 
Goroutines: 29 
System Time: 2016-07-19T15:43:54.215107093Z 
EventsListeners: 1 
No Proxy: *.local, 169.254/16 
Registry: https://index.docker.io/v1/ 
Experimental: true 
Insecure Registries: 
127.0.0.0/8 
sa 
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Can | install Docker from commandline? 


Yes! from get.docker.com 


# This script is meant for quick & easy install via: 
# 'curl -sSL https://get.docker.com/ | sh' 

# or: 

# 'wget -q0- https://get.docker.com/ | sh' 
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How to do “hello world” in Docker? 


$ docker run docker/whalesay cowsay Hello world 
$ docker run docker/whalesay cowsay Hello world 


< Hello world > 


BĘ : 
HH HE HH == 

HR HH FH HH === 

ALLA re 
NNN {an NNNN NNN NNNN NN n |] SEE am 
\ 0 / 
4 \ af 
\ \ / 


$ || 
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How to do “hello world” tn Docker? 


„Runs a command Command name to 
in a new container run within the container 
$ docker run docker/whalesay cowsay "Hello world" 


Base image for Argument to the 
creating the container “cowsay” command 
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How to do “hello world” tn Docker? 


$ docker run -it hello-world 


$ docker run -it hello-wor ld 


Hello from Docker! 

This message shows that your installation appears to be working correctly. 

To generate this message, Docker took the following steps: 

1. The Docker client contacted the Docker daemon. 

2. The Docker daemon pulled the "hello-world" image from the Docker Hub. 

3. The Docker daemon created a new container from that image which runs the 
executable that produces the output you are currently reading. 

4. The Docker daemon streamed that output to the Docker client, which sent it 
to your terminal. 


To try something more ambitious, you can run an Ubuntu container with: 
$ docker run -it ubuntu bash 


Share images, automate workflows, and more with a free Docker Hub account: 
https://hub.docker.com 


For more examples and ideas, visit: 
https://docs.docker. com/engine/userguide/ 
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How to get help on commands to use? 


Use “docker -h” command, asin: 


$ docker —h 
Usage: docker [OPTIONS] COMMAND [arg...] 
docker [ --help | -v | --version | 


A self-sufficient runtime for containers. 


Options: 
--config=»/.docker Location of client config files 
-D, --debug Enable debug mode 
-H, --host=[] Daemon socket(s) to connect to 
=h; MED Print usage 
—L, ——log-level=info Set the logging level 

Commands: 


attach Attach to a running container 
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Docker commands look like Linux commands - so 


familiarity with Linux commands can really help to 


get up to speed quickly with Docker. 
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Docker Images 


How to get list of images? 


$ docker images 
REPOSITORY 
prasantk/average 
<none> 

<none> 

<none> 

<none> 

python 

examp le/docker-node-hello 
centos 
hello-world 
ubuntu 

node 

alpine 

fedora 

nginx 
docker/whalesay 
training/webapp 
progrium/stress 


TAG 
latest 
<none> 
<none> 
<none> 
<none> 
3.5 
latest 
latest 
latest 
latest 
0.10 
latest 
latest 
latest 
latest 
latest 
latest 


Codet+ps 


IMAGE ID 

de756e5f8b96 
3d02168f00fc 
d3a03f4665ab 
827527375287 
264584ac458e 
7fd24fb1b492 
92baf9b777b8 
05188b417f30 
c54a2cc56cbb 
0f192147631d 
8beaba2e26be 
4e38e38c8ce0 
f9873d530588 
0d409d33b27e 
6b362a9f73eb 
6fae60ef3446 
db646a8f4087 


CREATED 
10 days 
10 days 
10 days 
10 days 
10 days 
10 days 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 


RB WWN N N N 


14 months ago 
14 months ago 


2 years 


ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 


ago 


SIZE 
34.22 MB 
34.22 MB 
34.22 MB 
34.22 MB 
745.6 MB 
686 MB 
658.6 MB 
196.8 MB 
1.848 kB 
132.8 MB 
642.4 MB 
4.799 MB 
204.4 MB 
182.8 MB 
247 MB 
348.8 MB 
281.8 MB 
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How to search for an image? 


$ docker search debian 
NAME 

debian 

neurodebian 
armbuild/debian 
jesselang/debian-vagrant 
eboraas/debian 
mschuerig/debian-subsonic 
reinblau/debian 
webhippie/debian 
datenbetrieb/debian 
opennsm/debian 
lucasbarros/debian 
lephare/debian 
eeacms/debian 
maxexcloo/debian 
servivum/debian 
konstruktoid/debian 
icedream/debian-jenkinsslave 
visono/debian 
nimmis/debian 
vcatechnology/debian 
ustclug/debian 
fike/debian 

pl31/debian 
mariorez/debian 
gnumoksha/debian 

$ || 


DESCRIPTION 


Debian is a Linux distribution that's comp... 
NeuroDebian provides neuroscience research... 


ARMHF port of debian 


Stock Debian Images made Vagrant-friendly ... 
Debian base images, for all currently-avai... 


Subsonic 5.1 on Debian/wheezy. 


Debian with usefully default packages for ... 


Docker images for debian 


minor adaption of official upstream debian... 


Lightly modified Debian images for OpenNSM 
Basic image based on Debian 
Base debian images 


Docker image for Debian to be used with EE... 
Docker base image built on Debian with Sup... 


Debian Docker Base Image with Useful Tools 
Debian base image 
Debian for Jenkins to be used as slaves. 


Docker base image of debian 7 with tools i... 
This is different version of Debian with a... 


A Debian image that is updated daily 
debian image for docker with rustic mirror 


Debian Images with language locale installed. 


Debian base image. 
Debian Containers for PHP Projects 


[PT-BR] Imagem båsica do Debian com ajust... 


STARS OFFICTAL 
1503 [OK] 
23 [OK] 


SSSSSS OS GG G MA MA MA KA KA KA KA KA NJ R UI 00 00 


AUTOMATED 


[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
[OK] 
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How to get an image? 


Use “docker pull <image_name>” command 


$ docker pull debian 

Using default tag: latest 

latest: Pulling from library/debian 

5c9@d4a2d1a8: Already exists 

Digest: sha256:8b1fc3a/a55c42e3445155b2f8f40c55de5f8bc8012992b26b570530c4bded9e 
Status: Downloaded newer image for debian: latest 


In my case debian image was 


already pulled. If it were not there, 
Docker would have pulled it afresh 


| VEZ. | 
PRACTICE | 


Prefer choosing a smaller base image that provides 


equivalent functionality (for your requirement) instead of 
choosing a larger one 


* Example: Choose Alpine vs. Fedora (5 MB vs. 205 MB) 


alpine latest 4e38e38c8ce0 4 weeks ago 4.799 MB 
latest f9873d530588 4 weeks ago 
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How to get details of an image? 


Use “docker inspect <image name>” command 


docker inspect debian 


{ 


"Td": "sha256:1b088884749bd93867ddb48 f f404d4bbf f09a17af8d95bc863efa5d133f87b78", 
"RepoTags": [ 

"debian: latest" 
] 


"RepoDigests": [ 
"debianQsha256:8blfc3a7a55c42e3445155b2f8f4Øc55de5f8bc8012992b26b57Ø53Øc4bded9e" 
] 


lI arent": oe 

"Comment": kę 

"Created": "2016-06-09T21:28:43.7764048162", 
"Container": "2f3dcd897cf758418389d50784c73b43b1fd7dbØ9a80826329496fØ5eef7b377", 
"ContainerConfig": I 

"Hostname": "6250540837a8", 
"Domainname": "”, 

“User pace 

"AttachStdin": false, 

"AttachStdout": false, 

"AttachStderr": false, 

"Tty": false, 

"OpenStdin”: false, 

EEE 
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How to see “layers” in an image? 


Use “docker history <image_name>” command 


$ docker history gcc 


IMAGE 
a0b516dc1799 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 
<missing> 


CREATED 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 
weeks 


On MM OO Gn YU Y Y Y UU 


ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 
ago 


CREATED 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 
/bin/sh 


BY 
=€ 
=© 
=Ç 
=€ 
=Ç 
m” 
=> 
=ç 
=Ç 
= 
=Ç 


set -x && dpkg-divert --divert /u 
echo '/usr/local/lib64' > /etc/ld. 
buildDeps='flex' && set -x && ap 
#(nop) ENV GCC VERSION=6.1.0 

set -xe && for key in $GPG_KEYS; 
#(nop) ENV GPG_KEYS=B215C1633BCA04 
apt-get update && apt-get install 
apt-get update && apt-get install 
apt-get update && apt-get install 
#(nop) CMD ["/bin/bash"] 

#(nop) ADD file:76679eeb94129df23c 


each layer in the image 


125.1 MB 


Each of these lines are layers and the 


size column shows the exact size of 


COMMENT 


| VE: | 
| V PRACTICE | 


Use tools to visualise layers 


You can use the online tool imagelayers.io to visualise the 


layers of an image 
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How can | load and store images? 


Use “docker save” and “docker load” commands 


$ docker save nginx -o nginx.tar 

$ ls -ltr nginx.tar 

-w------- 1 gsamarthyam staff 190775808 Jul 20 11:04 nginx.tar 
$ docker load -i ./nginx.tar 

Loaded image: nginx: Latest 
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How do | delete an image? 


Use “docker rmi <image-tag>” 


$ docker images alpine 

REPOSITORY TAG IMAGE ID CREATED SIZE 
alpine latest 4e38e38c8ce0 4 weeks ago 4.799 MB 
$ docker rmi alpine 

Untagged: alpine: latest 

Untagged: alpineasha256:3dcdb92d7/432d56604d4545cbd324b14e647b313626d99b889d0626de158f7/3a 
$ docker images alpine 

REPOSITORY TAG IMAGE ID CREATED SIZE 
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How to delete all docker images? 


Use “$docker rmi $(docker images -q)” 


docker images -q 


lists all image ids 


Avoid “image sprawl” 


Remove unused images and release disk space 


// output from the docker bench security tool 
[INFO] 6.4 - Avoid image sprawl 


[INFO] * There are currently: 60 images 
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How to find “dangling images”? 


$ docker images -f "dangling=true" 
TAG 


REPOSITORY 
<none> 
<none> 
<none> 


Use “docker images -f "dangling=true"” 


<none> 
<none> 
<none> 


IMAGE ID 

777f9424d24d 
3d02168f00fc 
01192147631d 


CREATED 

7 minutes ago 
12 days ago 

3 weeks ago 


SIZE 

125.2 MB 
34.22 MB 
132.8 MB 


| VEZ | 
V PRACTICE | 


Remove “dangling images” 


Remove “dangling images” using the command “$docker 


rmi $(docker images -f "dangling=true" -q)” 


Using Registry & Repository 


iy 


WAŻ War var 
DRS pd NET Ne Re 
vet 3 f FE ¿e 
e - SA d 
` "si, HER dr 
MP y VG. „zed, 3 = 
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How to push my image to Docker Hub? 


$ docker tag myjavaapp gsamarthyam/myfirstjavaprog: Latest 

$ docker push gsamarthyam/myfirstjavaprog: latest 

The push refers to a repository [docker.io/gsamarthyam/myfirstjavaprog] 

a97e2e0314bc: Pushed 

3b9964bc9417: Pushed 

de174b528b56: Pushed 

// elided the output 

latest: digest: sha256:1618981552efb12afa4e348b9c0e6d28f0ac4496979ad0c0a821b43547e13c13 size: 2414 
$ 


© CŒ & https://hub.docker.com Q ve D @ o 


Dashboard Explore Organizations Q Search Create 2 gsamarthyam 


gsamarthyam & Repositories % Stars LZ Contributed Private Repositories: Using 0 of 1 Get more | 


gsamarthyam/myfirstjavaprog 0 1 > 
public STARS PULLS DETAILS 
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How to pull my image from Docker Hub? 


$ docker pull gsamarthyam/myfirstjavaprog: latest 

latest: Pulling from gsamarthyam/myfirstjavaprog 

Digest: sha256:1618981552efb12afa4e348b9c0e6d28f0ac4496979ad0c0a821b43547e13c13 
// output elided .. 

$ docker images 


REPOSITORY TAG IMAGE ID CREATED SIZE 
myjavaapp latest Ød7a3a12ba9d About an hour ago 669.2 MB 
gsamarthyam/myfirstjavaprog latest Ød7a3a12ba9d About an hour ago 669.2 MB 


// output elided .. 

$ docker run gsamarthyam/myfirstjavaprog 
hello world 

$ 
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How do | create and use my own registry? 


Pull the “registry” image and run the container 


$ docker pull registry 
Using default tag: Latest 
latest: Pulling from library/registry 


e110a4a1/941: 
2ee5ed28f fa7: 
d1562c23a8aa: 
06ba8e23299f: 
802d2a9c64e8: 


Already exists 
Pull complete 
Pull complete 
Pull complete 
Pull complete 


Digest: sha256:1b68f0d54837c356e353efb04472bc0c9a60ae1c8178c9ce076b01d2930bcc5d 
Status: Downloaded newer image for registry: latest 


$ docker run -d -p5000:5000 registry 
/7768bed98a5e1916a820c84906e1f21cfc84888a934c140ad22e19cee5e2541d 


You can now push/ pull 


images from this private 
registry 
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Docker Containers 
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How to get list of containers? 


$ docker ps -a 


CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 
6322b8204a5d ubuntu "/bin/bash" 6 days ago Exited (Ø) 6 days ago desperate aryabhata 
1e95fcd15893 fedora "/bin/bash" 6 days ago Exited (Ø) 6 days ago stoic agnesi 
73c773524c8a nginx "nginx -g 'daemon off" 10 days ago Exited (@) 9 days ago serene_hoover 
70f0d1e4cd08 nginx "—bridge:my-bridge-ne" 10 days ago Created 80/tcp, 443/tcp happy_hawking 
c2e2f1fd2352 ubuntu "/bin/bash -c export" 10 days ago Exited (@) 1@ days ago sad_galileo 
77ded5de4b2f prasantk/average "node average.js 12" 10 days ago Exited (0) 10 days ago mad_darwin 
c676058126b1 prasantk/average "node average.js 12" 10 days ago Exited (0) 10 days ago ecstatic_lalande 
6bddbe7885f5 prasantk/average "node average.js" 1Ø days ago Exited (@) 10 days ago big_thompson 
Øa3ad84c2221 3d02168f00fc "node average.js" 1@ days ago Exited (0) 10 days ago peaceful_minsky 
47e697c3fc12 3d02168f00fc “node average.js" 10 days ago Exited (0) 10 days ago hungry_lamport 
787973337937 3d02168f00fc "-e '123'" 10 days ago Created drunk_mayer 
8c13665a8ca8 3d02168f00fc Re Ka 10 days ago Created loving carson 
2afe5e6f1384 3d02168f00fc "1 2 3" 10 days ago Created nostalgic_leavitt 
5d7403525309 3d02168f00fc “1 2 3 10 days ago Created happy_newton 
1045734ecd5c 3d02168f00fc "node average.js" 10 days ago Exited (0) 10 days ago reverent_williams 
8989e7fc7d7a nginx "nginx -g 'daemon off" 10 days ago Exited (0) 9 days ago kickass lichterman 
a08ebl0ae2fa nginx "nginx -g 'daemon off" 10 days ago Exited (0) 10 days ago docker—nginx 
e447a0763ff1 nginx "nginx —g 'daemon off" 10 days ago Exited (@) 1@ days ago hopeful_dijkstra 
9aleab880312 alpine "/bin/sh" 10 days ago Exited (0) 10 days ago hungry_sinoussi 
1932e28ef5cc alpine "/bin/bash" 10 days ago Created modest_engelbart 
454adf9473f9 alpine "echo hello" 10 days ago Exited (0) 10 days ago elated_curran 
ad834018d0a3 alpine "echo hello" 10 days ago Exited (@) 1@ days ago sleepy davinci 
4a678e2c1c11 hello-world "/hello" 10 days ago Exited (@) 10 days ago thirsty keller 
369e76f97dd7 training/webapp "python app.py" 13 days ago Exited (0) 13 days ago 9.0.0.0:32771->5000/tcp boring roentgen 
826204fae788 hello-world "/hello" 13 days ago Exited (Ø) 13 days ago happy kalam 
4c8bacdd231a docker/whalesay "cowsay foobar" 13 days ago Exited (0) 13 days ago big_carson 
60809ce0320d docker/whalesay "cowsay boo" 13 days ago Exited (0) 13 days ago distracted_wilson 
1e5d8f24be78 ubuntu "/bin/bash" 2 weeks ago Exited (@) 2 weeks ago fervent_agnesi 
8a23c6c978f3 ubuntu: latest "/bin/bash" 2 weeks ago Created berserk pare 
64c2Øbcac482 ubuntu "echo hello" 2 weeks ago Exited (Ø) 2 weeks ago gloomy darwin 
213605afcc24 ubuntu "hello" 2 weeks ago Created goofy_jones 
6575e1b2ae09 ubuntu "hello" 2 weeks ago Created condescending_shirley 
8345b4e82a5b ubuntu "hello" 2 weeks ago Created serene_jepsen 
ce31cb01a791 ubuntu "echo hello" 2 weeks ago Exited (@) 2 weeks ago small_bhaskara 
cf3b1580e3d1 ubuntu "hello" 2 weeks ago Created evil heyrovsky 
f46a4880894e ubuntu "hello" 2 weeks ago Created sick_lamport 
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How to run a container? 
Use “docker run OPTIONS <<image-tag>> CMD ARGS” 


$ docker run fedora /bin/echo ‘Hello world' 


Hello world 
$ 
Command 


docker run fedora /bin/echo 'Hello world' 


Command name 
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How to run a container interactively? 


$ docker run -t -i fedora /bin/bash 
[rootG00eef5289c91 /]4 pwd 

/ 

[rootG00eef5289c91 /]# whoami 

root 

[rootG00eef5289c91 /]# ls 

bin boot dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv 
sys WE usr var 
[root@@0eef5289c91 /1# cc 

bash: cc: command not found 
[roota00eef5289c91 /1 gcc 

bash: gcc: command not found 
[rootG00eef5289c91 /1# java 

bash: java: command not found 
[root@®deef5289c91 /1# tar 

bash: tar: command not found 
[rootG00eef5289c91 /1# exit 

exit 


$ 


Create a terminal 


to interact with 


docker run -t -i fedora /bin/bash 


short for “—interactive" 


Codettps 


Gobb's totem - the top 


N WHAT IT DOES: 
y SPINS CONTINUOUSLY WHILE 


IN DREAM - STOPS SPINNING IN 
THE REAL WORLD. 


i Codelps Es 05 eee e 
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Running a container - Totem? 


$ hostname 

ganesh 

$ docker run -it alpine /bin/sh 
/ # hostname 


b4ebae46b156 
/ # ps -a 
PID USER TIME COMMAND 
1 root 0:00 /bin/sh 
6 root 0:00 ps —a 
/ # exit 
$ ps -a 
PID TTY TIME CMD 


15327 ttys001 0:00.02 login -pf gsamarthyam 
15328 ttys001 0:00.27 —bash 


Codet¥ps 


How to run a container in the background? 


44 


short for “—detach” and it runs 


container in the background 


$ docker run -d ubuntu /bin/sh -c "while true; do echo current date and time is: $(date); sleep 


10; done" 

9128bf57e03c3b32f0bf784a92332953996236d7e358a77c62c10bdec95fd5b9 

$ docker ps 

CONTAINER ID IMAGE COMMAND CREATED STATUS 
PORTS NAMES 

9128bf57e03c ubuntu "/bin/sh -c "while tr" About a minute ago Up About a 
minute lonely_einstein 


$ docker logs 9128bf57e03c3b32f0bf784a92332953996236d7e358a77c62c10bdec95fd5b9 
current date and time is: Fri Jul 22 15:42:49 IST 2016 

current date and time is: Fri Jul 22 15:42:49 IST 2016 

current date and time is: Fri Jul 22 15:42:49 IST 2016 

current date and time is: Fri Jul 22 15:42:49 IST 2016 

// output elided 


Codeps 


How to expose a port? 


host port (machine on mapped port - 


which this command is run) nginx 


$ docker run -d -p 80:80 nginx 
9128bf57e03c3b32f0bf784a92332953996236d7e358a77c62c10bdec95fd5b9 


$ docker inspect 9128bf57e03c3b32f0bf784a92332953996236d7e358a77c62c10bdec95fd5b9 


"PortBindings": 4 
"80/tcp": | 
1 


“HostIp": yz 
"HostPort": "80" 


Using Nginx 


Type http: / /localhost:80 in your browser window 


CX CX EN CYL CL D CY BY DY x Ganesh 


G Oloc.. Ark 9 © A, 


Welcome to nginx! 


If you see this page, the nginx web server is successfully installed and 
working. Further configuration is required. 


For online documentation and support please refer to ngira org. 
Commercial support is available at nginx.com. 


Thank you for using nginx. 
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How to expose a port? 


host port (machine on which this command is run); since no explicit 


mapped port number is provided, a random port number is assigned 


$ docker run -d -p 80 --name minenginx nginx 
9128bf57e03c3b32f0bf784a92332953996236d7e358a77c62c10bdec95fd5b9 


$ docker inspect minenginx 


"Ports": 4 
"443/tcp": null, 
"80/tcp": | 
1 


"HostIp" 0.0 0. o" » J randomly assigned and mapped 
HostPort : "32770 port number (by docker) 
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How to expose all exposed ports? 


-P publishes all exposed ports to random ports; in this case, ports 


443 and 80 are respectively mapped to 32771 and 32772 


$ docker run -d -P --name minenginx nginx 
6b873116f198f4235e3eee1b2085e0312eaa006/21/da614c62e2ce55a8c8d4e 
$ docker port minenginx 

443/tcp -> 0.0.0.0:32771 

80/tcp -> 0.0.0.0:32772 
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How to attach to a running container? 


44 


short for “— detach” and it runs 


container in the background 


$ docker run -d ubuntu /bin/sh -c "while true; do echo current date and time is: $ 
(date); sleep 10; done" 
acc349675098a013336607612082db6171ee4a0cd2e1e45ada9a485684ea4c01 

$ docker attach acc349675098a0133366076f2082db6171ee4a0cd2e1e45ada9a485684ea4c01 
current date and time is: Mon Aug 1 10:30:13 IST 2016 

current date and time is: Mon Aug 1 10:30:13 IST 2016 


The “attach” command attaches 


toarunning container 


Codettps 


How to detach from a running container (without exiting)? 


From docker documentation 


# To detach the tty without exiting the shell, 
# use the escape sequence Ctrl-p + Ctrl-q 
# note: This will continue to exist in a stopped state once exited (see "docker ps -a" 


$ docker run -it alpine /bin/sh 
/ # echo "hello" 


hello 

/ # $ docker ps 

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS 
NAMES 

99d946d9b4e0 alpine "/bin/sh" 15 seconds ago Up 14 seconds 


gloomy mcclintock 
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How do | create an image from a running container? 
Use “docker commit” command 


$ docker run -d alpine echo "hello world" 
9884347880f62f7c5d43702c3d701e3b87a49f9bdde5843380af1479f4dc0755 

$ docker logs 9884347880f62f7c5d43702c3d701e3b87a49f9bdde5843380af1479f4dc0755 
hello world 

$ docker commit -m "my first image from container" 
9884347880f62f7c5d43702c3d701e3b872a49f9bdde5843380af1479f4dc0755 myalpine: latest 
sha256:b707ef35394c365bece70240213942e43da7f882107d30482ad6bec6b4bacfb7 

$ docker images 


REPOSITORY TAG IMAGE ID CREATED 

SIZE 

myalpine latest b707ef35394c 18 hours ago 
4.799 MB 


$ docker run -it b707ef35394c365bece70240213942e43da7f882107d30482ad6bec6b4bacfb7 
hello world 


$ 
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Avoid “docker commit” 


Avoid creating docker images manually (e.g., using 


“docker commit”); rather automate the image build 


process (using Dockerfile and “docker build”) 
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How to get list of containers? 


Use “docker ps” command 


$ docker ps 
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 
3651758 fF f308 wordpress: Latest "/entrypoint.sh apach" 2 days ago Up 2 days 0.0.0.0:8000->80/tcp mywordpress wordpress 1 


b95388054539 mysql:5.7 "docker-entrypoint.sh" 2 days ago Up 2 days 3306/tcp mywordpress db 1 
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How do | see all the containers? 


$ docker ps -a 


CONTAINER ID 
2c378c6b84bl 
c4b2db95f268 
2dcd9dØcafof 
3651758ff308 
b95388054539 
4b984664f9aa 
63cd7661a8ad 
c191fbeae884 
08e173332d46 
6322b8204a5d 


IMAGE 

fedora 
hello-world 
77719424d24d 
wordpress:latest 
mysql:5.7 
golang: Latest 
hello-world 
ubuntu 
docker/whalesay 
0f192147631d 


Use “docker ps -a” command 


COMMAND 

"/bin/echo 'Hello wor" 
"/hello" 

"/bin/bash" 
"/entrypoint.sh apach" 
"docker-entrypoint.sh" 
"go run myapp.go" 
"/hello" 

"/bin/bash" 

"cowsay Hello world" 
"/bin/bash" 


CREATED 

4 minutes ago 
5 minutes ago 
42 minutes ago 


ONNNNNN 


days 
days 
days 
days 
days 
days 
days 


ago 
ago 
ago 
ago 
ago 
ago 
ago 


STATUS 


Exited (0) 4 minutes ago 
Exited (0) 5 minutes ago 
42 minutes ago 


Exited (0) 
Up 2 days 
Up 2 days 
Exited (1) 
Exited (0) 
Exited (0) 
Exited (0) 
Exited (0) 


2 days 
2 days 
2 days 
2 days 
9 days 


ago 
ago 
ago 
ago 
ago 


PORTS 


0.0.0.0:8000->80/tcp 
3306/tcp 


NAMES 

grave thompson 
amazing jones 
prickly khorana 
mywordpress wordpress 1 
mywordpress db 1 
mydocker app 1 
adoring_sammet 
clever mcclintock 
tender joliot 
desperate aryabhata 
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Explicitly remove exited containers 


Explicitly use --rm to remove the container from the file 


system - otherwise, even if the container exits, it is not 


cleaned up yet (and will hog memory). 
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How do | remove a container? 


Use “docker rm” command 


$ docker stop mywordpress_db_1 
mywordpress_db_1 

$ docker rm mywordpress db 1 
mywordpress_db_1 


You have to first stop a 


container before trying 
to remove it 
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How do | remove all the containers? 


Use “docker stop $(docker ps -a -q)” and 
“docker rm $(docker ps -a -g)” commands 


$ docker stop $(docker ps -a -q) 
00eef5289c91 

8553eebfab94 

696a04db91db 

// rest of the output elided 

$ docker rm $(docker ps -a -q) 
00eef5289c91 

8553eebfab94 

696a04db91db 

// rest of the output elided 

$ docker ps -a 

CONTAINER ID IMAGE COMMAND CREATED STATUS 
PORTS NAMES 


Note hów the output 


shows no containers 


— docker run one 
— docker create 


docker rm 


docker rm 


ETD 
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State transition 


docker stop 
docker kill 


docker start > docker restart 
docker start 
docker pause 


Yes container 
process 
exited 


killed by 
out-of-memory 


Should 


No restart? 


paused 


docker unpause 
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Using nginx 


Nginx exposes ports 80 and 443; -P maps them 


randomly in the ports range 49153 and 65535 


$ docker run --name mynginx -P -d nginx 
561e15ac1848cf481f89bb161c23dd644f176b8f142fe617947e06f095e0953f 


$ docker ps 

CONTAINER ID IMAGE COMMAND CREATED 
STATUS PORTS NAMES 
561e15ac1848 nginx “nginx -g ‘daemon off" 18 hours ago 


Up About a minute  0.0.0.0:32771->80/tcp, 0.0.0.0:32770->443/tcp  mynginx 
$ curl localhost:32771 
<!DOCTYPE html> 


<html> 
<head> 
<title>Welcome to nginx!</title> 
<style> 
body { 
width: 35em; 
margin: Ø auto; 
font-family: Tahoma, Verdana, Arial, sans-serif; 
} 
</style> 
</head> 


// rest of the output elided ... 
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Using nginx 


Type “localhost:80” in 


the browser address bar 


$ cat Dockerfile 

FROM nginx: latest 

MAINTAINER Ganesh Samarthyam < 
ADD ./index.html /usr/share/nginx/html/ index.html 

EXPOSE 80 welcome to Dockerizing apps! 

$ cat index.html 

<h1> welcome to Dockerizing apps! <h1> 

$ docker build . 

Sending build context to Docker daemon 3.072 kB 

// output elided ... 

Removing intermediate container b@43a75adelc 

Successfully built 1aae04309f8b 

$ docker images 

REPOSITORY TAG IMAGE ID CREATED SIZE 
<none> <none> laae04309f8b 6 seconds ago 182.8 MB 
$ docker run -p 80:80 -d laae04309f8b 
984c179231188445289e70d854250e4e981b77a899208360db4466e73930be42 

$ curl localhost: 80 

<h1> welcome to Dockerizing apps! <h1> 


$ 
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How do I run a U program? 


$ docker pull gcc 

Using default tag: latest 

latest: Pulling from library/gcc 
5c90d4a2dla8: Already exists 

ab30c63719b1: Already exists 

c6072700a242: Already exists 

abb742d515b4: Already exists 

d32a4c04e369: Pull complete 

276c31cfØa4c: Pull complete 

a455d29f9189: Pull complete 

dcfe5869552b: Pull complete 

Digest: sha256:35256b5f4e4d5643c9631c92e3505154cd2ea666d2f83812b418cfdb1d5866e8 
Status: Downloaded newer image for gcc: latest 


$ 
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How do I run a C program? 


$ docker pull ubuntu: latest 

latest: Pulling from library/ubuntu 

43db9dbdcb30: Pull complete 

85a9cd1ifcca2: Pull complete 

c23af8496102: Pull complete 

e88c36ca55d8: Pull complete 

Digest: sha256: /ce82491d6e35d3aa/458a56e4/0a821baecee651fba/6957111402591d20fc1 
Status: Downloaded newer image for ubuntu: latest 


$ docker run -i -t ubuntu /bin/bash 
root@c191fbeae884:/# gcc 
bash: gcc: command not found 


root@c191fbeae884:/# apt-get update 

// elided the output 
rootac191fbeae884:/4 apt-get install gcc 
// elided the output 
root@c191fbeae834:/# cat > hello.c 

int main() + printf("hello world\n”); + 
rootdc191fbeae884:/# gcc —w hello.c 
rootac191fbeae884:/4 ./a.out 

hello world 

rootac191fbeae884: /# 
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How do I run a U program? 


$ cat Dockerfile 
FROM gcc:latest 
MAINTAINER Ganesh Samarthyam version: 0.1 


COPY . /usr/src/mycapp 
WORKDIR /usr/src/mycapp 


RUN gcc -o first first.c 
CMD ["./first"] 


$ cat first.c 
#include <stdio.h> 


int main() { printf("hello world\n"); } 


$ docker build . -t"mycapp: latest" 
Sending build context to Docker daemon 3.072 kB 
Step 1 : FROM gcc: latest 

---> a0b516dc1799 

// .. steps elided ... 

Step 6 : CMD ./first 

———> Using cache 

---> f99e7f18fa42 

Successfully built f99e7f18fa42 

$ docker run -it mycapp 

hello world 
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How do I run a Java program? 


$ cat Dockerfile 
FROM java: latest 
COPY . /usr/src/ 
WORKDIR /usr/src/ 
RUN javac hello.java 
CMD ["java", "hello"] 
$ cat hello.java 
class hello I 
public static void main(String [largs) 1 
System.out.println("hello world"); 


} 
$ docker build . -t"myjavaapp: latest" 
Sending build context to Docker daemon 3.072 kB 
Step 1 : FROM java: latest 
---> 264282a59a95 
// intermediate steps elided 
Successfully built Ød7a3a12ba9d 
$ docker images 


REPOSITORY TAG IMAGE ID 
myjavaapp latest Ød7a3a12ba9d 
$ docker images 

REPOSITORY TAG IMAGE ID 
myjavaapp latest Ød7a3a12ba9d 
<none> <none> 7cfb4bdf47a7 


// rest of the output elided 
$ docker run myjavaapp 
hello world 


CREATED 
About an hour ago 


CREATED 
About an hour ago 
About an hour ago 


SIZE 
669.2 MB 


SIZE 
669.2 MB 
669.2 MB 
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Beware of “container sprawl” 


Application broken to run in “too many containers” can 


be difficult to deal with! 


“Breaking deployments into more functional discrete 
parts is smart, but that means we have MORE 
PARTS to manage. There's an inflection point 
between separation of concerns and sprawl.” 

-- Rob Hirschfeld 
(CEO of RackN and OpenStack Foundation board member) 
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Pop quiz 


What happens when you execute this on the command- 
line? 
docker run debian /bin/sh 


a 


B. 


Ć 


A prompt from the shell of created container will be thrown to you 
A container Is created and then exited immediately 


A container is created and executes in the detached mode; you can 
attach to it later using the container id 


Docker SES the efor FO response TOM daemon: No 
command specified. 


Codettps 


Pop quiz: answer 


When you execute this command, 
docker run debian /bin/sh 


A container is created and then exited immediately. 


$ docker ps —a 


CONTAINER ID IMAGE COMMAND 
CREATED STATUS PORTS NAMES 
4c12998fd392 debian "/bin/bash" 


6 seconds ago Exited (Ø) 5 seconds ago Sick panini 


Codettps 


Pop quiz 


What happens when you execute this on the command- 
line? 
docker run -itd debian 
You get Error response from daemon: No command specified. 
The created container runs in the detached mode 


A 
B, 
GC. You get “unknown shorthand flag: -1td” 
D 


A shell from the created container Is returned to you 


Codet+ps 


Pop quiz: answer 


When you execute 
docker run -itd debian 


the created container runs in the detached model 


$ docker ps 


CONTAINER ID IMAGE COMMAND CREATED 
STATUS PORTS NAMES 
a53779a74904 debian "/bin/bash" 2 minutes ago 


Up 2 minutes agitated aryabhata 
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Building images using Dockerfile 


Codettps 


Different ways to create images 


dockercommit Build an image from a container 


docker build Create AUIS Hor a BO oue by executing the 
build steps given in the file 
Create a base image by importing from a tarball. 
docker import [import is mainly used for creating base-images; first 
two options are widely used] 


Codettps 


Dockerfile - key instructions 


FROM 


MAINTAINER 


RUN 


CMD 


ADD 


EXPOSE 


The base image for building the new docker image; provide “FROM scratch” 
if it is a base image itself 


The author of the Dockerfile and the email 


Any OS command to build the image 


Specify the command to be started when the container is run; can be 
overridden by the explicit argument when providing docker run command 


Copies files or directories from the host to the container in the given path 


Exposes the specified port to the host machine 
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How can | create an image from a Dockerfile? 


Use docker build command 
“Dockerfile” - its like Makefile for Docker 


$ cat myimage/Dockerfile 

FROM ubuntu 

RUN echo "my first image" > /tmp/first.txt 

$ docker build myimage 

Sending build context to Docker daemon 2.048 kB 
Step 1 : FROM ubuntu 

---> ac526a356ca4 

Step 2 : RUN echo "my first image" > /tmp/first.txt 
---> Running in 18f62f47d2c8 

---> 777f9424d24d 

Removing intermediate container 18f62f47d2c8 
Successfully built 777f9424d24d 

$ docker images | grep 777f9424d24d 

<none> <none> 77719424d24d 4 minutes ago 
$ docker run —it 777f9424d24d 

roota@2dcd9d0caf6f:/# ls 

bin boot core dev etc home lib lib64 media mnt opt proc root run sbin 
sys MM usr var 

root@2dcd9d@caf6f:/# cat /tmp/first.txt 

my first image 

root@2dcd9d@caf6f:/# exit 

exit 


$ 


Srv 


125.2 MB 
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How to name/tag an image when building? 


Use “docker build <<dirname>> -t"imagename:tag"” command 


$ docker build myimage -t"myfirstimage: latest" 
Sending build context to Docker daemon 2.048 kB 
Step 1 : FROM ubuntu 
——> ac526a356ca4 
Step 2 : RUN echo "my first image" > /tmp/first.txt 
—-> Using cache 
—-> 777£9424d24d 
Successfully built 777f9424d24d 
$ docker images myfirstimage 
REPOSITORY TAG IMAGE ID CREATED SIZE 
myfirstimage latest 777f9424d24d 58 minutes ago 125.2 MB 
$ 
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Dockerfile for running a Java program 


$ cat HiHello.java 

import java.10.x; 

import java.net.InetSocketAddress; 
import com.sun.net.httpserver.x; 


public class HiHello { 
public static void main(Stringll args) throws Exception 4 
HttpServer server = HttpServer.create(new InetSocketAddress(8080), 0); 
server.createContext("/hi", (HttpExchange t) -> 


try 4 
String response = "hello\n"; 
t.sendResponseHeaders (200, response. length()); 
try(OutputStream os = t.getResponseBody()) { 
os.write(response.getBytes()); 


y 
} catch (IOException ioe) 1 
System.err.println("Error writing to outputstream: " + ioe); 
System.exit(-1); 
} 
server.start(); 


} 


$ curl localhost:8080/hi 
hello 
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Dockerfile for running a Java program 


$ cat Dockerfile 
FROM java: latest 
COPY HiHello.class / 
EXPOSE 8080 
ENTRYPOINT ["java"] 
CMD ("HiHello" | 


$ docker build . 

Sending build context to Docker daemon 6.656 kB 

Step 1 : FROM java: latest 

——> 264282a59a95 

// ... Successfully built 60a14f519720 

$ docker run -d -p 8080:8080 60a14f519720 
16f6d/eca560c96b995be9f0c6d6816/930ab/501451a452818e04ce29ec17/7f 
$ curl localhost:8080/hi 

hello 
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Pop quiz 


Which command do you use “to find layers and their 
sizes” in an image using Docker CLI? 


Å 


B 
= 
D 


Use docker images -layers <<imageld>> command 
Use docker layers <<imageld>> command 
Use docker history <<imageld>> command 


There is no way you can find layers and their sizes using Docker CLI 
- you need to use external tools 
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Pop quiz: answer 


To find layers and their sizes in an image using Docker 
CLI, use“docker history <<imageid>> command. 


$ docker history google/cadvisor 


IMAGE CREATED CREATED BY SIZE 
COMMENT 

106e303be3a4 2 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["/usr/bin/cadvi 0 B 
<missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 8080/tcp 0 B 
missing” 2 weeks ago /bin/sh -c #(nop) ADD file:1bde294f31142b3dee 25.87 MB 
missing” 2 weeks ago /bin/sh -c apk --no-cache add ca-certificates 17.13 MB 
missing” 2 weeks ago /bin/sh -c #(nop) ENV GLIBC VERSION=2.23-r3 0 B 
missing” 2 weeks ago /bin/sh -c #(nop) MAINTAINER dengnan@google.c ØB 
<missing> 3 months ago /bin/sh -c #(nop) ADD file:852e9d0cb9d906535a 4.799 MB 
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Pop quiz 


Which command do you use “recreate the Dockerfile 
that was used to build that image” from a given image 
id/tag using Docker CLI? 


Å 


B. 


= 


Use docker images -dockerfile <<imageid>> command 
Use docker build -reverse <<imageid>> command 


Use docker history --no-trunc --out:<filename> <<imageid>> 
command 


There is no way to recreate the Dockertile that was used to build 
that image from a given image id/tag using Docker CLI 
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Pop quiz: answer 


There is NO way to recreate the Dockertile that was used to build that 
image trom a given image id/tag using Docker CLI. 


Think about Makefile: can you recreate the Makefile that was used to 
build that executable file? No. 


However, you can see the commands used to create the layers in the 
image. Pass —no-trunc option to docker history command. 


Example: ‘docker history --no-trunc google/cadvisor" 


Try t now! 


Docker Volumes 
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Docker volume commands 


Command Description 


docker volume create Create a volume 


Display detailed information on one 


docker volume inspect 
or more volumes 


docker volume Is List the available volumes 


docker volume rm Remove one or more volumes 
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Commands for Docker volumes 


$ docker volume create --name myvolume 
myvo Lume 

$ docker volume ls 

local myvo lume 

$ docker volume inspect myvolume 


| 


{ 
"Name": "myvolume", 
"Driver": "local", 
"Mountpoint": "/var/lib/docker/volumes/myvolume/ data", 
"Labels": 43h, 
"Scope": "local" 
} 


$ docker volume rm myvolume 
myvo Lume 
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How to persist data? 


Use -v option to “mount volumes” 


$ docker run -v /volumetesting --name="persistdata" alpine /bin/sh -c 
"echo testing persistence with volumes > /volumetesting/textfile. txt” 


$ docker run --volumes-from=persistdata alpine /bin/sh -c "cat / 
volumetesting/textfile.txt" 
testing persistence with volumes 
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How to get info on volumes? 


Use “docker volume ls and inspect” options 


$ docker volume Is 


DRIVER VOLUME NAME 
local 081bf425dd953c6b13f8e36f24540d191792e51dbd9c327eadae131ded5da432 
local 3357f5522da19b47c3996db5e129b52d4be420ccec25d60d4473602cd25f473b 


$ docker volume inspect 
081bf425dd953c6b13f8e36f24540d191/792e51dbd9c32/eadae131ded5da432 
[ 
{ 
"Name": "Q81bf425dd953c6b13 f8e36f24540d191792e51dbd9c327eadae131ded5da432", 
"Driver": "Local", 
"Mountpoint": "/var/lib/docker/volumes/ 
081bf425dd953c6b13 f8e36F24540d191792e51dbd9c327eadae131ded5da432/_ data", 
"Labels": null, 
"Scope": "local" 
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Removing volumes 


Use “docker volume rm” option 


$ docker volume rm 081bf425dd953c6b13f8e36f24540d191792e51dbd9c327eadae131ded5da432 
081bf425dd953c6b13f8e36f24540d191792e51dbd9c327eadae131ded5da432 
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Removing containers with volumes 


When the container is removed, the volumes will not be 


removed. If the volumes also need to be removed, you 
have to use the -v option, as in: docker rm -v <<sha>> 
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Clean up volumes 


You can “clean up” the volumes if you aren't using them. 


Use the command “docker volume rm $(docker volume 
Is -g)” to remove all the volumes. 
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se Flocker (data volume manager 


See: https: / / clusterhq.com / flocker / 


Native Docker 


CONTAINER CONTAINER 


When container moves, its data volume stays in place. 
Database starts on new server without any data. 


Using Flocker 


CONTAINER CONTAINER 


VOLUME 


EI 


When container moves, data volume moves with it. 
Your database gets to keep its data! 


source: https: / / clusterhq.com / assets /images / diagrams / diagram-1 jpg 


Docker Machine 


Docker Machine 


Create and manage machines running Docker (cloud or on your computer) 


$ docker-machine create --driver=virtualbox myhost 

Running pre-create checks... 

(myhost) Default Boot2Docker ISO is out-of-date, downloading the latest release... 

(myhost) Latest release for github. com/boot2docker/boot2docker is v1.12.2 

(myhost) Downloading /Users/gsamarthyam/.docker/machine/cache/boot2docker.iso from https://github.com/ 
boot2docker/boot2docker/releases/download/v1.12.2/boot2docker.iso... 

İİ van 

Setting Docker configuration on the remote daemon... 

Checking connection to Docker... 

Docker is up and running! 

To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: 
docker-machine env myhost 


$ docker-machine env myhost 

export DOCKER_TLS_VERIFY="1" 

export DOCKER_HOST="tcp://192.168.99.100:2376" 

export DOCKER_CERT_PATH="/Users/gsamarthyam/.docker/machine/machines/myhost" 
export DOCKER_MACHINE_NAME="myhost" 

# Run this command to configure your shell: 

# eval $(docker-machine env myhost 


$ docker-machine ls 
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS 
myhost - virtualbox Running tcp://192.168.99.100:2376 v1.12.2 


Docker Compose 
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docker-compose commands 


Command Description 


docker-compose up (Re)build services 
docker-compose kill Kill the containers 
docker-compose logs Show the logs of the containers 


Stop and remove images, containers, volumes 


docker-compose down 
and networks 


docker-compose rm Remove stopped containers 


Creating multiple Docker 
containers 


docker- mes 


Step 1. Create a docker-compose.yml file (or docker-compose.yaml file) 

Step 2. Execute “docker-compose up -d” 

Step 3. Execute “docker-compose logs” from another shell (but from same dir) 
Step 4. Execute “docker-compose down” 
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docker-compose commands 


Command Description 


docker-compose up (Re)build services 
docker-compose kill Kill the containers 
docker-compose logs Show the logs of the containers 


Stop and remove images, containers, volumes 


docker-compose down 
and networks 


docker-compose rm Remove stopped containers 
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Docker voting app 


voting-app result-app 
Python Node.js 
db 
PostgreSQL 
worker 
NET 
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Docker voting app 


Step 1. Download .zip or clone: https: / / github.com / docker /example-voting-app 


Step 2. Unzip the file and go to that directory from your shell 
Step 3. Type “docker-compose up -d” 
Step 4. From another shell, go to the same directory & type “docker-compose logs” 


Step 5. In browser address bar, type “http://localhost:5000" 


Step 6. In browser address bar, type “http://localhost:5001" 
Step 7. From the shell, in that directory, type “docker-compose down” 
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Docker voting app 


D One vs Two! x Ganesh 
€ C © localhost:5000 Q%x 96 [7 Q] 
One vs Two! 
Ganesh 


[ One vs Two -- Result x 


€ C © localhost:5001 AY Y O 0O D 


ONE TWO 


100.0% 0.0% 


Docker Networking 
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Getting the ip address of a container 


$ docker inspect --format '{{ .NetworkSettings.IPAddress }}' fervent_sinoussi 
172.17.0.6 


$ docker attach fervent_sinoussi 
root@856aed6a92f1:/# ip addr 
// | 
92: eth@@if93: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group 
default 
link/ether 02:42:ac:11:00:06 brd ff:ff:ff: ff: ff: ff 
inet 172.17,0.6/16 scope global eth® 
valid_lft forever preferred_lft forever 
inet6 fe80::42:acff:fe11:6/64 scope link 
valid lft forever preferred_lft forever 


root@&856aed6392f1:/# cat /etc/hosts 


// nu au : 
172.17.0.6  856aed6a92f1 container; 
root@856aed6a92f1:/# 1: Use the docker inspect command 


There are many ways to get the IP address of a 


2. Use ip addr command from the container's shell 
3: Use «cat /etc/ hosts” and check the entry for the 
container 
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How to get port mappings of a container? 


$ docker run -d -p5000:5000 registry 
c51b984b4d64a05e924c7677f20e8c5c386e8bb53f5de0369337d31f73a7cf7e 


$ docker port 


c51b984b4d64a05e924c7677f20e8c5c386e8bb53f5de0369337d31f73a7cf7e 


5000/tcp -> 0.0.0.0:5000 


$ docker run -P -d nginx 


de6e1/ededc8223c9a5ac9fee4f9493929a22a/8fe88c60b643b54507/8c60648 


$ docker port 


de6e1/ededc8223c9a5ac9fee4f9493929a22a/8fe88c60b643b54507/8c60648 


443/tcp -> 0.0.0.0:32768 
80/tcp -> 0.0.0.0:32769 


$ docker ps 

CONTAINER ID IMAGE 
STATUS PORTS 
de6e1/ededc8 nginx 
ago Up 20 seconds 


reverent_wright 


COMMAND CREATED 
NAMES 
“nginx —g ‘daemon off" 21 seconds 


0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp 
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Three kinds of networks 


E E E E Default, single-host driver 
NETWORK ID NAME DRIVER SCOPE 
adbb9a40c8e3 bridge bridge local 
399'711fd0635 host host local 
790ae8b43d9b none null local 
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Docker network commands 


Command Description 


docker network connect Connect a container to a network 


docker network create Create a network 


Disconnect a container from a 
network 


docker network disconnect 


Display detailed information on one 


docker network inspect 
or more networks 


docker network Is List networks 


docker network rm Remove one or more networks 
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Bridge network 


$ docker network inspect bridge 


{ 


"Name": "bridge", 
"Id": "39457e56e7c0d172a239745e10ebf24f9e5046e9bc98f978f4e759f1f4e486c3", 
"Scope": "local", 
"Driver": "bridge", 
"EnableIPv6": false, 
"IPAM": 4 
"Driver": "default", 
"Options": null, 
ką * [ 


By default, containers are 
added to the bridge network. 


"Subnet": "172.17.0.0/16", : 
| ateway": ©172.17.0.1 You can see the containers in 


] ż 
bridge netwórk here 
nternal": false, 
"Containers": { 
"19857aa228 f7ba76fc10d1e992e9 fe49a0d361b5daab3a0a2703267aab862c58": 4 
"Name": "furious mcnulty", 
"EndpointID": "e2a7423a9108fa7bb18ea9893e299elbceb73fa13c3123c5b0d515790be477d3", 
"MacAddress": "02:42:ac:11:00:03", 
"IPv4Address": "172.17.0.3/16", 
"IPv6Address": "" 


} 


}, 
"eaf4697b9989666e0c79cce6dc03697c8226aea37157d97bce1d08e250fb3c36": 4 
"Name": "cadvisor", 
"EndpointID": '"f907c7510aaf7196e6419733b64da689330948ca0f3c88bd4dd41258a4503e42", 
"MacAddress": "Q@2:42:ac:11:00:02", 
"IPv4Address": "172.17.0.2/16", 
; "IPv6Address": "" 


ptions": 4 

com. docker.network.bridge.default bridge": "true", 

com. docker.network.bridge.enable icc": "true", 

com. docker.network.bridge.enable ip masquerade": "true", 
com. docker.network.bridge.host binding ipv4": "0.0.0.0", 
com. docker.network.bridge.name": "dockerø", 

com. docker.network.driver.mtu": "1500" 


} 


}, 
"Labels": {} 


Codettps 
Pop quiz 
You are creating a new container with this command: 


docker run -d --name myubuntu ubuntu /bin/sh -c "while true; do echo current date and 
time is: $(date); sleep 10; done” 


Which network is the “myubuntu” container attached 
to? 


Pe 
BE EE 
EEUE 
2: “Nene 
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Pop quiz: answer 


Bridge network. By default, a newly created container is attached to the 
bridge network (unless a different network is specified, for example, using 
the —network option with the docker run command). 


$ docker network inspect bridge 


{ 
"Name": "bridge", 
IF 2 
"Containers": { 
"04579b88a74c981ae854261dffc7ab17328c28bb6fafec0f9c1e9431e77b3b27": 4 
"Name": "myubuntu", 
"EndpointID": 
"'8a0e/a2559eac35eb60a90e85554679de27/76bd1ba39ff3a4083301d08e9ee384', 
"MacAddress": "Q2:42:ac:11:00:03", 
"TIPv4Address": "172.17.0.3/16", 
"TPv6Address”: "" 
Fy 
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Orchestration 


E A M Docker swarm provides 


“clustering capabilities”, 1.e., 


be able to treat group of 
Docker engines into a single 
virtual Docker engine 
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Docker Swarm 


With Docker Swarm 


Swarm 


“swap, plug, and play” 
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Docker Swarm 


$ docker swarm init 
Swarm initialized: current node (81snul7czu9pg42h3qnm2v5hr) is now a manager. 


To add a worker to this swarm, run the following command: 

docker swarm join ——token 
SWMTKN-1-2tn8fic@7uivk291th095me3r6cro/bkrfnbtv6va3qv fourew—60 lc37m9ljymly3fcb6rig2nu 
192.168.65.2:2377 


To add a manager to this swarm, run 'docker swarm join-token manager' and follow the 
instructions. 
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Clustering for Docker 


“batteries included but swappable” 


. acd Zookeeper 
Swarm / Networking BER mw 
CLI IE consul | 
Simple File 
Docker Hub 
Token service 
Managers 


«disa 
ŞT ig ww P 


Overlay networking (vxlan) 


Docker workbench for security 


docker run -it --net host --pid host --cap-add audit_control \ 
var ib at ED, 
-v /var/run / docker.sock: / var /run / docker.sock | 
-v /usr/lib/systemd:/usr/lib/systemd | 
-v /etc:/etc --label docker bench security | 
docker / docker-bench-security 


OR 
git clone https: / / github.com / docker / docker-bench-security.git 


cd docker-bench-security 
docker-compose run --rm docker-bench-security 


OR 


git clone https: / / github.com / docker / docker-bench-security.git 
cd docker-bench-security 
sh docker-bench-security.sh 


Source: https: / / github.com / docker / docker-bench-security 


Docker workbench for security 


sh docker-bench-security.sh 


Docker Bench for Security v1.1.0 
Docker, Inc. (c) 2015- 


Checks for dozens of common best-practices around deploying Docker containers in production. 
Inspired by the CIS Docker 1.11 Benchmark: 
https: //benchmarks.cisecurity.org/downloads/show-single/index.cfm?file=docker16.110 


[WARN] Some tests might require root to run 
[INFO] 1 - Host Configuration 


[WARN] 1.1 - Create a separate partition for containers 

[PASS] 1.2 - Use an updated Linux Kernel 

[WARN] 1.4 - Remove all non-essential services from the host - Network 

[WARN] * Host listening on: 7 ports 

[PASS] 1.5 - Keep Docker up to date 

[INFO] * Using 1.12.1 which is current as of 2016-08-16 

[INFO] * Check with your operating system vendor for support and security maintenance for docker 


[INFO] 1.6 - Only allow trusted users to control Docker daemon 
[WARN] 1.7 - Failed to inspect: auditctl command not found. 


[INFO] 1.8 — Audit Docker files and directories - /var/lib/docker 
[INFO] * Directory not found 
[INFO] 1.9 - Audit Docker files and directories - /etc/docker 
[INFO] * Directory not found 
[INFO] 2 - Docker Daemon Configuration 
[WARN] 2.1 - Restrict network traffic between containers 
[PASS] 2.2 — Set the logging level 
[PASS] 2.3 — Allow Docker to make changes to iptables 
[PASS] 2.4 - Do not use insecure registries 
[WARN] 2.5 — Do not use the aufs storage driver 
[INFO] 2.6 - Configure TLS authentication for Docker daemon 
[INFO] * Docker daemon not listening on TCP 
[INFO] 2.7 — Set default ulimit as appropriate 
[INFO] * Default ulimit doesn't appear to be set 
[WARN] 2.8 - Enable user namespace support 
[PASS] 2.9 - Confirm default cgroup usage 
[PASS] 2.10 — Do not change base device size until needed 
[WARN] 2.11 - Use authorization plugin 
[WARN] 2.12 — Configure centralized and remote logging 
2.13 - Disable operations on legacy registry (v1) 


[WARN] 


| VEZ | 
V PRACTICE 


Docker workbench for security 


Use the free Docker Workbench For Security (https: / / 


ithub.com / docker / docker-bench-security) to check for 
violations of security best practices 
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Monitoring Docker 
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Stats for all running containers 


Use “docker stats” command 


$ docker stats 


CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/0 BLOCK I/0 
5394e9b78397 0.00% 1.805 MiB / 1.953 GiB 0.09% 648 B / 648 B 389.1 kB / 0 B 
6b873116f198 0.00% 1.395 MiB / 1.953 GiB 0.07% 4.354 kB / 648 B 0B/0B 
742e01ef7fd4 0.00% 500 KiB / 1.953 GiB 0.02% 10.68 kB / 648 B 0B/0B 
c51b984b4d64 0.01% 18.54 MiB / 1.953 GiB 0.935 12.49 kB / 648 B 16.6 MB / 0 B 
ce042fe264b2 0.00% 60 KiB / 1.953 GiB 0.00% 14.94 kB / 648 B 0B/0B 
c8a954a62a19 0.00% 60 KiB / 1.953 GiB 0.00% 17.69 kB / 648 B 0B/0B 
725d93bb258c 0.00% 64 KiB / 1.953 GiB 0.00% 18.34 kB / 648 B 4.096 kB / 0 B 
04579b88a74c 0.00% 340 KiB / 1.953 GiB 0.02% 19.08 kB / 648 B 94.21 kB / 9 B 
99d946d9b4e0 0.00% 104 KiB / 1.953 GiB 0.01% 21.32 kB / 1.026 kB 24.58 kB / 0 B 
9128bf57e03c 0.00% 288 KiB / 1.953 GiB 0.01% 5.692 kB / 648 B 0B/0B 


Displays resource utilisation (cpu, 


memory, etc) details; automatically 


updated when details change 


ND KA ND KA KA KA d KA KN N U 
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Stats for a specific Docker 


Use “docker stats <<CONTAINTER ID>>” command 


$ docker stats sleepy wescoff 


CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/0 BLOCK I/0 
sleepy_wescoff 0.00% 1.031 MiB / 4 MiB 25.78% 648 B / 648 B 0 B/0B 


PIDS 
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Printing containers names m stat 


Şe $ docker stats $(docker ps --format={ {.Names}}) 
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Monitoring Docker 


Use the free cAdvisor tool 


(https://github.com/google/cadvisor) 


docker run --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw —volume=/ 
sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=8080:8080 
--detach=true --name=cadvisor google/cadvisor:latest 


Now open localhost:8080 in your browser 
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Monitoring Docker 


Total Usage 


10:23:00 10:23:15 10:23:30 10:23:45 10:24:00 10:24:15 
— Total 


Usage per Core 


localhost:8080 


10:23:00 10:23:15 10:23:30 10:23:45 10:24:00 10:24:15 
— Core 0 — Core 1 


Usage Breakdown 


10:23:00 10:23:15 10:23:30 10:23:45 10:24:00 10:24:15 
— User —— Kernel 


Codet¥ps 


Monitoring Docker 


+ datadog (https: / /www.datadoghq.com / ) 
+ sysdig (http: / /www.sysdig.org / ) 
+ prometheus (https: / / prometheus.io/ ) 


Other topics 


Codet¥ps 


How do debug on a running container? 


Use “docker exec” command 


$ docker ps -a 


CONTAINER ID IMAGE COMMAND CREATED 

STATUS PORTS NAMES 

9128bf57e03c ubuntu "/bin/sh -c "while tr" 24 minutes ago Up 
24 minutes lonely einstein 


$ docker exec -ti lonely einstein /bin/bash 
root@9128bf57e03c:/# 
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Can I use GUI instead of command-line? 


Use “kitematic” (https://github.com/docker/kitematic ) 


fm 
000 © 
Containers 


berserk pare 
ubuntu:latest 


big carson 


whalesay 


big thompson 


average 


boring roentgen 
webapp 


clever_mcclintock 
ubuntu 


condescending_shirley 
ubuntu 


desperate_aryabhata 
ubuntu 


distracted_wilson 


docker-nginx 
nginx 


drunk_mayer 


average 


ecstatic_lalande 
average 


elated_curran 
alpine 


evil_heyrovsky 
ubuntu 


ds DOCKER CLI (= 


sgganesh v 


All Recommended My Repos 
Recommended 
kitematic official Q 
hello-world-nginx ghost 


container Ghost is a free and open source 


A light-weight 


that demonstrates the features of 


nginx 


blogging platform written in 


Kitematic JavaScript 

O46 BECK es 401 GZM ove 
official Q official Q 
jenkins redis 

Official Jenkins Docker image Redis is an open source key 


re that functions as a 


Gata Structure server 


„w 1.7K d 8M 000 CREATE )2.4K dt 58M 000 CREATE 
official Q kitematic 

rethinkdb minecraft 

RethinkDB is an open-source, The Minecraft multiplayer server 


document database that makes it allows two or more players to 


easy to build and scale realtime play Minecraft together 


280 G2M a 957 26K a 
official gQ ah. official ę 
solr elasticsearch 


— 
Solr is the popular, blazing-fast 
search 


2222 dp 228K 000 


o 


7 1.4K 


[b 14M 


000 


My Images 
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Different ways to access Docker 


Grapnical User 
Interface (Kitematic) 


Representational State Command-Line 
Transfer (REST) API Interface (CLI) 
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Crazy stuff: Docker in Docker!! 


Use “docker run --privileged -d docker:dind" 


“docker:dind” is the official “Docker in Docker base image” 


See: https://github.com/jpetazzo/dind 


mT 
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p || 


Myths and Misconceptions 


Docker “completely” replaces 


VMs 


Docker & eği Following 
docker 


Are you currently using @docker containers & VMs 
together? + Iwitterpoll #VMWorld 


42% NO 


1,338 votes * Final results 
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Containers AND VMs 


Bins/Libs Bins/Libs Bins/Libs 


Docker Engine 


Virtualization 


Docker is * completely * portable 
Build once, run anywhere - but conditions apply! 


There are limitations to portability with Docker (depending on 
what you mean by “portable” ). 


For example, you can run a Windows Docker container only on 
Windows and run a Linux Docker container only on Linux 
(and not vice versa). 


Aas 
ETE 


var 


attach 
build 
commit 
Cp 
create 
deploy 
diff 
events 
exec 
export 
history 
images 
import 
info 
inspect 
kill 
load 
login 
Logout 
logs 
network 
node 
pause 
plugin 
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Docker commands 


Attach to a running container 

Build an image from a Dockerfile 

Create a new image from a container's changes 

Copy files/folders between a container and the local filesystem 
Create a new container 

Create and update a stack from a Distributed Application Bundle (DAB) 
Inspect changes on a container's filesystem 

Get real time events from the server 

Run a command in a running container 

Export a container's filesystem as a tar archive 

Show the history of an image 

List images 

Import the contents from a tarball to create a filesystem image 
Display system-wide information 

Return low-level information on a container, image or task 

Kill one or more running container 

Load an image from a tar archive or STDIN 

Log in to a Docker registry. 

Log out from a Docker registry. 

Fetch the logs of a container 

Manage Docker networks 

Manage Docker Swarm nodes 

Pause all processes within one or more containers 

Manage Docker plugins 


port 

ps 

pull 
push 
rename 
restart 
rm 

rmi 

run 
Save 
search 
service 
Stack 
Start 
stats 
stop 
swarm 
tag 

top 
unpause 
update 
version 
vo Lume 
wait 
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Docker commands 


List port mappings or a specific mapping for the container 
List containers 

Pull an image or a repository from a registry 

Push an image or a repository to a registry 

Rename a container 

Restart a container 

Remove one or more containers 

Remove one or more images 

Run a command in a new container 

Save one or more images to a tar archive (streamed to STDOUT by default) 
Search the Docker Hub for images 

Manage Docker services 

Manage Docker stacks 

Start one or more stopped containers 

Display a live stream of container(s) resource usage statistics 
Stop one or more running containers 

Manage Docker Swarm 

Tag an image into a repository 

Display the running processes of a container 

Unpause all processes within one or more containers 

Update configuration of one or more containers 

Show the Docker version information 

Manage Docker volumes 

Block until a container stops, then print its exit code 


docker Cheat Sheet 


L REBEL 


TURNAROUND 


Glossary 


Layer - a set of read-only files 
to provision the system 


Image - a read-only layer that 
is the base of your container. 
Might have a parent image 


Container - a runnable instance 
of the image 


Registry / Hub - central place 
where images live 


Docker machine - a VM to run 
Docker containers (Linux does 
this natively) 


Docker compose - a utility to run 


multiple containers as a system 


Container: my-container 


Image: tomcat:8.0.29-jre8 


Parent image: java:8-jre 


Parent image: buildpack-deps:jessie-curl 


Useful one-liners 


Download an image 


docker pull image_name 


Start and stop the container 


docker [start|stop] container name 


Create and start container, run command 
docker run -ti --name container_name 


image name command 


Create and start container, run command, 
destroy container 


docker run --rm -ti image name command 


Example filesystem and port mappings 
docker run -it --rm -p 8080:8080 -v 
/path/to/agent.jar:/agent.jar -e 
JAVA_OPTS="-javaagent: /agent. jar” 
tomcat:8.0.29-jre8 


docker start my-container 


Note: this container might run inside docker-machine 


Source: 


Processes 


java -jar tomcat.jar 
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Docker cleanup commands 


Kill all running containers 
docker kill $(docker ps -q) 


Delete dangling images 
docker rmi $(docker images -q -f 


dangling=true) 


Remove all stopped containers 


docker rm $(docker ps -a -q) 


Docker machine commands 


Use docker-machine to run the containers 


Start a machine 


docker-machine start machine name 


Configure docker to use a specific machine 


eval “$(docker-machine env machine name)” 


docker logs -ft my-container 


Logs 


docker exec -ti my-container command.sh 


Docker compose syntax 


docker-compose.yml file example 
version: “2” 

services: 

web: 

“web” 


java:8 # image name 


container name: 

image: 

# command to run 

command: java -jar /app/app.jar 

ports: # map ports to the host 
- “4567:4567” 

volumes: # map filesystem to the host 

- ./myapp.jar:/app/app.jar 
mongo: # container name 


image: mongo # image name 


Create and start containers 


docker-compose up 


Interacting with a container 
Run a command in the container 


docker exec -ti container name command.sh 


Follow the container logs 


docker logs -ft container name 


Save a running container as an image 
docker commit -m “commit message” -a “author” 


container_name username/image name: tag 


BROUGHT TO YOU BY 


JRebel 


http: / /zeroturnaround.com / wp-content / uploads /2016/03/Docker-cheat-sheet-by-RebelLabs.pn 
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Where to learn more? 


Codettps 


Relevant URLs 


* Detailed list of resources: https: ithub.com /hangyan 


docker-resources 


+ Self-learning courses: https: / / training.docker.com 


+ Detailed documentation: https: / / docs.docker.com 
* Detailed tutorial (presentation): http: / / docker.training 


* SE-Radio Episode 217: James Turnbull on Docker 
* Docker related presentations in parleys.com 


* Blog on Docker resource utilisation 
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O'REILLY | | DUCKER: UP & RUNNING 


> Covers how to develop, test, 
debug, ship, scale, and 
support with Docker from 
DevOps perspective 


SRO A T 
pate REF © 


> We liked the useful tips; 
examples: 


Up & Running 


> “Maximize robustness with fast 
startup and graceful shutdown.’ 


3 


> “Explicitly declare and isolate 
dependencies.” 


> “Strictly separate build and run 
stages.” 


Karl Matthias & Sean P. Kane 


http://amzn.com/1491917571 


“Docker: Up & Running”, Karl Matthias, Sean P. Kane, O'Reilly Media; 1 edition (July 3, 2015) 
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IMAGE 


iir, 


by James! Turnbull 
http://www.amazon.in/dp/BOOLRROTI4 


The Docker Book, James Turnbull, Amazon Digital South Asia Services, July 2014 


THE DOCKER BOOK 


> Interesting sub-title: 
“Containerization is the new 
virtualization”. 


> From James Turnbull (CTO at 
Kickstarter and Advisor at 
Docker) 


> Useful to get comfortable with 
core concepts of Docker 


> Useful for developers, 
operations staff (and DevOps), 
and SysAdmins 


> Supporting website: http:// 
dockerbook.com/ 


Codettps 


DOC KER COOKBOOK 


» Contents written in recipe 
format (Problem, Solution, 


Docker format ( 
iscussion) 
E () OKD () OK > Useful because we can look for 


solutions to the problems that 
we face when using Docker 


> What we like: it covers topics 
that are not covered well in 
other books including 
Kubernetes, Docker ecosystem 
tools, monitoring Docker, and 
application use cases (CI, CD) 


Sébastien Goasguen 


http://amzn.com/149191971X 


“Docker Cookbook”, Sébastien Goasguen, O'Reilly Media, 2015 


om ighted Material 


IN ACTI 


Jeff Nickolofi 


Forewoan sy A 


N NANNING 


oprighted Material 


http//amzn.com/ 1633430235 


Docker in Action, Jeff Nickoloff, Manning Publications, 2016 


Codettps 


DUCKER IN ACTION 


eeeoeoeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee © 


> Wide coverage from basics to 
advanced topics like managing 
massive clusters 

> Book organised into three parts: 
> Keeping a tidy computer 
> Packaging software for distribution 


> Multi-container and multi-host 
environments 


> The third part is more 
interesting for us because it is 
not covered well in other books 


» Covers Docker Compose, Machine 
and Swarm 
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OREILLY USING DOCKER 


> Book organised into three 
parts: 


> Background and Basics 
> The Software Lifecycle with Docker 


> Tools and Techniques 


> Useful example: Walks you 
through the steps to develop 
and deploy web applications 
with Docker 


> Though the book touches 
upon basics, it covers more 
advanced topics 


Adrian Mouat 


http://amzn.com/1491915765 


Using Docker: Developing and Deploying Software with Containers, Adrian Mouat, O'Reilly Media, 2016 


Karl Matthias & Sean P. Kane 


BG vs vrns 


lonn ighted Material 


lopyrighted Material 
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O'REILLY 


Docker 
Cookbook 


NS ANO EXA 


Sébastien Goasguen 
by James! Turnbull sadi 


O'REILLY" 


Using" 
Docker 


DEVELOPING AND DEPLOYING SOFTWARE WITH CONTAINERS 


Adrian Mouat 
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Upcoming bootcamps 


AngularJS (22nd Oct) 


Modern Software Architecture (5th Nov) 
SOLID Principles (19th Nov) 
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Meetups 


http://www.meetup.com/JavaScript-Meetup-Bangalore 
http://www.meetup.com/Container-Developers-Meetup-Bangalore 
http://www.meetup.com/Software-Craftsmanship-Bangalore-Meetu 
http://www.meetup.com/Core-Java-Meetup-Bangalore 
http://www.meetup.com/Technical-Writers-Meetup-Bangalore 
http://www.meetup.com/CloudOps-Meetup-Bangalore 
http://www.meetup.com/Bangalore-SDN-loT-NetworkVirtualization-Enthusiasts 
http://www.meetup.com/SoftwareArchitectsBangalore 
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Refactoring for gangga 
Software Design Smells 
Managing Technical Debt Oracle Certified 
ET Professional Java SE 8 
Programmer 
Exam 120-809 


A Compret IP 8 
Certific 


Girish Suryanarayana, 
Ganesh Samarthyam, Tushar Sharma 
Forewords by Grady Booch and Stéphane Ducasse 4 AJ Tess 


C Te 


T ND, aaa: a 


ganesh @codeops.tech @GSamarthyam 


www.codeops.tech slideshare.net/sgganesh 
+91 98801 64463 bit.ly/ganeshsg 
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